GET READY!

Scrap.shs

Is that okay? selecting some lines of text in a Word document, dragging and dropping them on the desktop). However, as you can see, the icon and the label need have nothing whatsoever to do with the object. Selected Edit...

Thanks! Here's the document containing the object: spoof.doc When clicked upon, either as a scrap file or while in the document, this object will immediately open a DOS window and format drive All Rights ReservedAd Choices The information on Computing.Net is the opinions of its users. The operating system will create an .shs file with the selected content, which will be useless alone, and only readable by dragging the icon and dropping it in a program which their explanation

OE reportedly shows the file extension, but may truncate longer filenames depending upon how it is set to display attachments. Does your email application display the entire filename? This will open up the package in the Package Editor and you can inspect any commands executed by the package. Conclusion You should never double-click a scrap-file before you know

you can view and edit the specialized type of data using its native application. The command associated with an embedded object (one that's in a document) can be seen using the Object Packager. The icon of this Wordpad object can be dragged to the desktop and it will take on the default scrap icon and the Scrap.shs filename. I created an example of this capability, which you can find here: format_a.shs.

You can see it listed in the illustration just above. Using the site is easy and fun. Inspecting Scrap Files If you receive a scrap file, you need a way to inspect its contents for malicious code. https://en.wikipedia.org/wiki/Shell_Scrap_Object_File For instance, if a program located on drive A: is in use, you'll see this message: Drive A: is currently in use by another process.

I did copy pasted some images into another folder. Text is available under the Creative Commons Attribution-ShareAlike License; additional terms may apply. That file format contains the embedded data in a sort of "wrapper." Thus, you can have a standalone file which is readily pasted into any application that uses OLE, carrying along Aborting Format.

That seems rather harmless; you would have to open the document and then double-click the embedded object to execute its commands. https://www.techwalla.com/articles/how-to-open-scrap-files Johnson Back to top #7 quietman7 quietman7 Bleepin' Janitor Global Moderator 47,189 posts OFFLINE Gender:Male Location:Virginia, USA Local time:09:12 PM Posted 19 January 2008 - 12:04 AM Your welcome. ..Microsoft He who makes a beast out of himself, gets rid of the pain of being a man. - Dr. Instead you should follow these steps: Open WordPad Drag and drop the scrap file into WordPad (make sure you don't accidentally double-click it!) If text appears in WordPad instead of an

Thanks! It also says:The attachment warning runs for all attachments with executable file name extensions. So I think it's a fairly good idea, especially for business environments and novice users. But if a .SHS "object" is renamed to carry the .SHB extension, it will behave exactly the same way.

For this example, I used the standard icon for a rich-text document. I had no success generating a .SHB file using Wordpad. That's right. This is very handy of course.

As with Outlook, a popup dialog offers options to Save or Open. You can open a scrap file to view its contents.You can open a scrap file and view its contents.StepMove the scrap file to your computer's desktop, if it is not already And what if that file had an icon that resembled a harmless text file?

He who makes a beast out of himself, gets rid of the pain of being a man. - Dr.

I don't consider it important for a savvy user to install. Into my surprise it was successfully deleted. Johnson Back to top #5 quietman7 quietman7 Bleepin' Janitor Global Moderator 47,189 posts OFFLINE Gender:Male Location:Virginia, USA Local time:09:12 PM Posted 18 January 2008 - 08:50 PM Glad to hear Computing.Net and Purch hereby disclaim all responsibility and liability for the content of Computing.Net and its accuracy.

If we have ever helped you in the past, please consider helping us. As far as I know, Netscape and Opera will try to display these files as if they were texts. (To save to disk, Netscape users will need to hold down Shift At least, I sure can't get an .shb file to go into an Outlook message on my patched system. Exploit Something I found interesting about this mechanism is how long it existed before it appears to have been exploited.

Presently, most Windows users don't know of its existence. If you get any results you think people should know about, send me an email. Look for Shell Scrap Object and Shortcut to Document.)To disable scrap files very thoroughly, remove or rename the shscrap.dll file in your System folder. The Microsoft Windows 3.1 User's Guide states that (translated from Swedish): "Objects can be linked or embedded in two ways.

Text of the dialog seems to vary somewhat with version. Now I have a package embedded in the document that when double-clicked will open up an MS-DOS shell. I found that surprisingly little has been said about it, even to the present day. Such opinions may not be accurate and they are to be used at your own risk.

This feature has existed in the Windows operating system since version 3.1, and exists still in Windows 2000. But then, those are the very users who're most likely to foolishly run hostile attachments!